for them does not belong in the IP_FW_F_COMMAND switch, that mask doesn't even
apply to them(!).
2. You cannot add a uid/gid rule to something that isn't TCP, UDP, or IP.
XXX - this should be handled in ipfw(8) as well (for more diagnostic output),
but this at least protects bogus rules from being added.
Pointy hat: green
to allow commonality between varying platforms. This is a step
towards parsing the diskless configuration information with MI code
inside the kernel.
Export the interface hardware address to the kernel, so that it is possible
to determine the boot interface with certainty.
Export the NFS filehandle for the root mount to the kernel, so that the
kernel does not need to perform a mount RPC call.
chgsbsize(), which are called rather frequently and may be called from an
interrupt context in the case of chgsbsize(). Instead, do the hash table
lookup and maintenance when credentials are changed, which is a lot less
frequent. Add pointers to the uidinfo structures to the ucred and pcred
structures for fast access. Pass a pointer to the credential to chgproccnt()
and chgsbsize() instead of passing the uid. Add a reference count to the
uidinfo structure and use it to decide when to free the structure rather
than freeing the structure when the resource consumption drops to zero.
Move the resource tracking code from kern_proc.c to kern_resource.c. Move
some duplicate code sequences in kern_prot.c to separate helper functions.
Change KASSERTs in this code to unconditional tests and calls to panic().
1.6 2000/04/12 21:07:55 scw
Add support for the SOHOware PCMCIA Ethernet card, model ND5100-E.
This seems to be a re-badged NDC (National Datacomms. Corp) card.
It needs a quirk entry due to lack of manufacturer tuple in the CIS.
For some reason, the 'Tx/Rx' LED on the connector module is inverted
such that it is off during network activity...
at this point):
Replace all '#ifdef DEBUG' with '#ifdef NULLFS_DEBUG' and add NULLFSDEBUG
macro.
Protect nullfs hash table with lockmgr.
Use proper order of operations when freeing mnt_data.
Return correct fsid in the null_getattr().
Add null_open() function to catch MNT_NODEV (obtained from NetBSD).
Add null_rename() to catch cross-fs rename operations (submitted by
Ustimenko Semen <semen@iclub.nsu.ru>)
Remove duplicate $FreeBSD$ tags.
Some have dual host->PCI bridges for the same logical pci bus (!), eg:
some of the RCC chipsets. This is a 32/64 bit 33/66MHz and dual pci
voltage motherboard so persumably there are electical or signalling
differences but they are otherwise the same logical bus.
The new PCI probe code however was getting somewhat upset about it and
ended up creating two pci bridges to the same logical bus, which caused
devices on that logical bus to appear and be probed twice.
The ACPI data on this box correctly identifies this stuff, so bring on
ACPI! :-)
bus/slot/function numbers. The old PCI code used other markers or
something, but without it here under the new pci code it is very hard to
tell which device is which (this only affects bootverbose mode).
unsupported address family is used on localhost interface.
looutput: af=0 unexpected
Speculation as to the reasons for my seeing this error are welcome, of
course. :-)
PR kern/20895:
- Add FE_DAC new feature flag to distinguish between
64 bit PCI addressing (DAC cycles) and 64 bit PCI
interface (64 bit Memory BARs).
- Properly deal with chips that have a 32 bit PCI
interface but support and may generate DAC.
(Only SYM53C895A for now).
PR misc/17584 (at least partially addressed):
- Try detecting hardware combinations that trigger
spurious PCI master parity error detections by the
PCI chip. This work-around is implemented in the
`snooptest' routine and consists in retrying with
PCI master parity checking disabled if such an
error is reported by the PCI chip during this test.
Other:
- Fix a tiny bug in WIDE negotiation that was very
unlikely to be triggerred. The BUS width was wrongly
compared against chip's max. offset.
In the nexus case, there are no ivars for children of nexus devices,
and we were passing data in from before the device existed, hence ivars
are convenient as the softc doesn't really exist yet.
However, for pci->pci bridges, the pcib occupies a pci device itself,
which *does* already have ivars. However, softc is available and stable
at this point since we've been identified and are locating the bus during
attach. So, use softc for this version of pcib devices for storing the
physical bus number in.
function which may lead to stack lossage and clobbered variables.
This isn't the case here, but there is no way to tell gcc that.
Work around this in a kinda bizzare way, but it shuts gcc up.
This is kinda important since the bzero symbol on i386 is not a function
but a function pointer.. If memset() tried to call it as though it were
a function, things would be less than satisfactory. In reality though
this was not an actual problem and just caused compile warnings.
#includes "smbus.h". There is still some bogus (but harmless) stuff
here surrounding the #include <sys/bus.h> includes here and elsewhere in
the bktr code.
attribute namespace and DAC protection on file:
- Attribute names beginning with '$' are in the system namespace
- The attribute name "$" is reserved
- System namespace attributes may only be read/set by suser()
or by kernel (cred == NULL)
- Other attribute names are in the application namespace
- The attribute name "" is reserved
- Application namespace attributes are protected in the manner
of the target file permission
o Kernel changes
- Add ufs_extattr_valid_attrname() to check whether the requested
attribute "set" or "enable" is appropriate (i.e., non-reserved)
- Modify ufs_extattr_credcheck() to accept target file vnode, not
to take inode uid
- Modify ufs_extattr_credcheck() to check namespace, then enforce
either kernel/suser for system namespace, or vaccess() for
application namespace
o EA backing file format changes
- Remove permission fields from extended attribute backing file
header
- Bump extended attribute backing file header version to 3
o Update extattrctl.c and extattrctl.8
- Remove now deprecated -r and -w arguments to initattr, as
permissions are now implicit
- (unrelated) fix error reporting and unlinking during failed
initattr to remove duplicate/inaccurate error messages, and to
only unlink if the failure wasn't in the backing file open()
Obtained from: TrustedBSD Project
cloning infrastructure standard in kern_conf. Modules are now
the same with or without devfs support.
If you need to detect if devfs is present, in modules or elsewhere,
check the integer variable "devfs_present".
This happily removes an ugly hack from kern/vfs_conf.c.
This forces a rename of the eventhandler and the standard clone
helper function.
Include <sys/eventhandler.h> in <sys/conf.h>: it's a helper #include
like <sys/queue.h>
Remove all #includes of opt_devfs.h they no longer matter.
and bump __FreeBSD_version to 500012 to mark the occasion.
setproctitle() is prototyped in unistd.h as opposed to stdlib.h
where OpenBSD and NetBSD have it.
Reviewed by: peter
machines. The patch uses an existing global variable in place of the
newbus accessor to get at use_bwx.
This is a quick fix to get miatas booting again; somebody
with more newbus skills than I can muster will have to correct it.
Matt Jacob's description of the problem from the -alpha list:
The IVAR accessor stuff for pcib is incompletely specified for CIA. There's
only one accessor defined, and that's to get the BUS instance number.
<..>
The device methods that try and get at the use_bwx get overriden because
there's only one ivar for CIA's pcib, and that's for hose #, and it's always
zero.
the link and activity LED control bits in CSR15 in order for the
controller to drive the LEDs correctly. This was largely done for the
ZNYX multiport cards, but should also work with the DEC DE500-BA
and other non-MII cards.
enable bit hasn't been set in the command register, set the bit and
honour the register. It seems that quite a few lazy BIOS writers
aren't bothering to do this, which upsets the existing code and causes
us to miss out on properly-configured devices.
pcib instance is initialized because accesses to PCI_Config region can
occur during ACPI initialization.
Note that this is a short term solution, more consideration will be
required in order to integrate ACPI into the newbus probe sequence.
change channel interface - kobj implementation coming soonish
make pcm_makelinks not panic if modular
add pcm_unregister()
these changes support newpcm kld unloading, but this is only implemented
by ds1.c
datagram embedded into ICMP error message, not with protocol
field of ICMP message itself (which is always IPPROTO_ICMP).
Pointed by: Erik Salander <erik@whistle.com>
rather than implementing its own {uid,gid,other} checks against vnode
mode. Similar change to linprocfs currently under review.
Obtained from: TrustedBSD Project
fields between host and network byte order. The details:
o icmp_error() now does not add IP header length. This fixes the problem
when icmp_error() is called from ip_forward(). In this case the ip_len
of the original IP datagram returned with ICMP error was wrong.
o icmp_error() expects all three fields, ip_len, ip_id and ip_off in host
byte order, so DTRT and convert these fields back to network byte order
before sending a message. This fixes the problem described in PR 16240
and PR 20877 (ip_id field was returned in host byte order).
o ip_ttl decrement operation in ip_forward() was moved down to make sure
that it does not corrupt the copy of original IP datagram passed later
to icmp_error().
o A copy of original IP datagram in ip_forward() was made a read-write,
independent copy. This fixes the problem I first reported to Garrett
Wollman and Bill Fenner and later put in audit trail of PR 16240:
ip_output() (not always) converts fields of original datagram to network
byte order, but because copy (mcopy) and its original (m) most likely
share the same mbuf cluster, ip_output()'s manipulations on original
also corrupted the copy.
o ip_output() now expects all three fields, ip_len, ip_off and (what is
significant) ip_id in host byte order. It was a headache for years that
ip_id was handled differently. The only compatibility issue here is the
raw IP socket interface with IP_HDRINCL socket option set and a non-zero
ip_id field, but ip.4 manual page was unclear on whether in this case
ip_id field should be in host or network byte order.
not alias `ip_src' unless it comes from the host an original
datagram that triggered this error message was destined for.
PR: 20712
Reviewed by: brian, Charles Mott <cmott@scientech.com>
This provides support for the Adaptec SCSI RAID controller family,
as well as the DPT SmartRAID V and VI families.
The driver will be maintained by Mark and Adaptec, and any changes
should be referred to the MAINTAINER.
pcib_set_bus() cannot be used on the new child because it is
meant to be used on the *pci* device (it looks at the parent internally)
not the pcib being added. Bite the bullet and use ivars for the bus
number to avoid any doubts about whether the softc is consistant between
probe and attach. This should not break the Alpha code.
foo_pcib_[read|write]_config() functions rather than relying on
a break or return being in the CFG macro.
This fixes a panic later in the boot process on a UP1000. From
inspection, it looks like this fixes a similar problem in the tsunami code.
Approved by: dfr
kern.ps_showallprocs. Apparently got lost in the merge process from
the capability patches. Now fixed.
Submitted by: jdp
Obtained from: TrustedBSD Project
- Remove DELAY() kludge before power off.
- Move EVENTHANDLER_REGISTER to acpi_attach().
- Pass RB_POWEROFF flag to shutdown_nice().
Reviewed by: msmith
- Enable WB cache via CCR2 and CR0.
- Set the need_pre_dma_flush when the CPU_I486_ON_386 option is
defined.
Submitted by: Kaho Toshikazu <kaho@elam.kais.kyoto-u.ac.jp>
drives. Some IDE cards don't set propler information into BIOS work
are and their sector size were always recognized as 256 bytes/sector.
Pointed out by: jagarl@creator.club.ne.jp
kernel can instigate an orderly shutdown but still determine the form of
that shutdown. Make it possible eg. to cleanly shutdown and power off the
system under ACPI when the power button is pressed.
the build (oops!): replace calls to p_trespass() and PRISON_CHECK()
with p_can(..., {P_CAN_SEE, P_CAN_DEBUG}, NULL)
o Remove volatile usage from procfs_readdir() to remove warnings
o Apply bp's CREATE fix to linprocfs, causing EROFS to be returned on
CREATE calls to procfs_lookup()
o Some further synchronization still needs to occur: only existing
access checks were replaced, to fix the build--the new ones were not
added. I'll do this later today, this is a "fix the build quickly"
commit. This means that, in the interim, some information leakage
can still occur via linprocfs when using jail or kern.ps_showallprocs
Submitted by: knu
Approved by: des
Obtained from: TrustedBSD Project
- New support for 40LD firmware found in Series 475 and 471 adapters.
- Better support for 8LD firmware adapters
- Ioctl passthrough interface for userland utilities.
- Improved error handling and queueing.
- Several bugfixes (including the 'still open' shutdown bug and
closing some small race conditions).
- Zone-style command allocator, reducing memory wasted under heavy
load conditions.
- CAM interface (disabled and not fully working) for SCSI passthrough
access to non-disk devices
Thanks to AMI for supplying a pile of new adapters and various other
help in making this happen.
shouldn't be built by default. pcic and pccard are going to go
through some changes and I'll not be testing them on the alpha so I
don't want to break them for the FreeBSD/alpha folks.
int p_can(p1, p2, operation, privused)
which allows specification of subject process, object process,
inter-process operation, and an optional call-by-reference privused
flag, allowing the caller to determine if privilege was required
for the call to succeed. This allows jail, kern.ps_showallprocs and
regular credential-based interaction checks to occur in one block of
code. Possible operations are P_CAN_SEE, P_CAN_SCHED, P_CAN_KILL,
and P_CAN_DEBUG. p_can currently breaks out as a wrapper to a
series of static function checks in kern_prot, which should not
be invoked directly.
o Commented out capabilities entries are included for some checks.
o Update most inter-process authorization to make use of p_can() instead
of manual checks, PRISON_CHECK(), P_TRESPASS(), and
kern.ps_showallprocs.
o Modify suser{,_xxx} to use const arguments, as it no longer modifies
process flags due to the disabling of ASU.
o Modify some checks/errors in procfs so that ENOENT is returned instead
of ESRCH, further improving concealment of processes that should not
be visible to other processes. Also introduce new access checks to
improve hiding of processes for procfs_lookup(), procfs_getattr(),
procfs_readdir(). Correct a bug reported by bp concerning not
handling the CREATE case in procfs_lookup(). Remove volatile flag in
procfs that caused apparently spurious qualifier warnigns (approved by
bde).
o Add comment noting that ktrace() has not been updated, as its access
control checks are different from ptrace(), whereas they should
probably be the same. Further discussion should happen on this topic.
Reviewed by: bde, green, phk, freebsd-security, others
Approved by: bde
Obtained from: TrustedBSD Project
time being, the ASU accounting flag will no longer be available, but
may be reinstituted in the future once authorization have been redone.
As it is, the kernel went through contortions in access control to
avoid calling suser, which always set the flag. This will also allow
suser to accept const struct *{cred, proc} arguments.
Reviewed by: bde, green, phk, freebsd-security, others
Approved by: bde
Obtained from: TrustedBSD Project
also mention the peripheral name, bus, target and lun of the device we
attempted to put in that slot. This gives the user a little more
information about what is going on.
Tested by: Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
Discussed with: gibbs
for the Quantum "MAVERICK 540S" and "LPS525S".
Also, add common string variables, since we seem to have a few Quantum and
Micropolis drives in here.
Fix the 'quantum' variable usage in scsi_all.c that likely got broken when
someone staticized things in cam_xpt.c. (That particular problem would
cause Quantum Fireball ST drives to not get spun up if they were not
already spinning.)
Submitted by: Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
- Add new funcions for device state stuff;
acpi_get_current_device_state() and acpi_set_device_state()
- Add new funcions for power resource stuff;
acpi_powerres_init(), acpi_powerres_debug(),
acpi_get_current_powerres_state() and acpi_set_powerres_state()
These were implemented based on 7.1, 7.2, 7.2.2, 7.2.3, 7.2.4, 7.3,
7.3.3, 7.4, 7.4.1, 7.4.2, 7.4.3 and 7.5 of ACPI spec 1.0b.
- The "Osd*" stuff went away from acpi driver code, use the bus_space
functions directly instead.
- Fix minor english bugs.
acpi_registers_input -> acpi_register_input
acpi_registers_output -> acpi_register_output
- Remove all magic numbers for the sleeping states. We now have
#defines for these.
- NULL is treated the same as the return from aml_get_rootname in
aml_find_from_namespace().
Suggested by: msmith
Thanks mike!
object before falling back on privilege. Make vaccess() accept an
additional optional argument, privused, to determine whether
privilege was required for vaccess() to return 0. Add commented
out capability checks for reference. Rename some variables to make
it more clear which modes/uids/etc are associated with the object,
and which with the access mode.
o Update file system use of vaccess() to pass NULL as the optional
privused argument. Once additional patches are applied, suser()
will no longer set ASU, so privused will permit passing of
privilege information up the stack to the caller.
Reviewed by: bde, green, phk, -security, others
Obtained from: TrustedBSD Project
the chgsbsize() call to use a "subject" pointer (&sb.sb_hiwat) and
a u_long target to set it to. The whole thing is splnet().
This fixes a problem that jdp has been able to provoke.
the drivers.
* Remove legacy inx/outx support from chipset and replace with macros
which call busspace.
* Rework pci config accesses to route through the pcib device instead of
calling a MD function directly.
With these changes it is possible to cleanly support machines which have
more than one independantly numbered PCI busses. As a bonus, the new
busspace implementation should be measurably faster than the old one.
laptops. I've checked that this still works with the other cards and
it works with the 3c556 that I have access to, but I want to check that
it works with the 556B mentioned in PR #20878 before I close out the PR
and merge to -stable.
possible complications with the forthcoming DRI code, and feel that DRI
should handle the device-level interaction. Read
http://people.FreeBSD.org/~cokane/3dfx.html
to find out more. Basically want to move toward using OpenGL and DRI for
everything on these cards. Added a few defines and spacing style fixes in
tdfx_vars.h
defined. This boils down to conditionally compile the
old signal syscalls.
We might want to extend the types in syscalls.master to
make these syscalls conditionally on something more
appropriate than COMPAT_43.
then treat it as such. This isn't perfect, but should do for things
like GENERIC. When in fallback mode, they will be used if there are NO
other hints.
longs larger than 32 bits or strict alignment requirements.
pm_fatmask had type u_long, but it must have a type that has precisely
32 bits and this type must be no smaller than int, so that ~pmp->pm_fatmask
has no bits above the 31st set. Otherwise, comparisons between (cn
| ~pmp->pm_fatmask) and magic 32-bit "cluster" numbers always fail.
The correct fix is to use the C99 type uint_least32_t and mask with
0xffffffff. The quick fix is to use u_int32_t and assume that ints
have
msdosfs metadata is riddled with unaligned fields, and on alphas,
unaligned_fixup() apparently has problems fixing up the unaligned
accesses caused by this. The quick fix is to not comment out the
NetBSD code that sort of handles this, and define UNALIGNED_ACCESS on
i386's so that the code doesn't change on i386's. The correct fix
would define UNALIGNED_ACCESS in a central machine-dependent header
and maybe add some extra cases to unaligned_fixup(). UNALIGNED_ACCESS
is also tested in isofs.
Submitted by: parts by Mark Abene <phiber@radicalmedia.com>
PR: 19086
BOOT_BTX_NOHANG, then BTX will be compiled with the appropriate flags so
that it reboots after a fault instead of hanging forever.
Requested by: ps
Approved by: rnordier
